<?php
/*
 * asset.php
 *     Loads a specified asset from the Asset database. You must specify the
 *     asset ID in the 'id' query parameter, i.e.
 *     "asset.php?id=82"
 *
 *     You can also pass the 'id' parameter in a POST request.
 *
 *     Invalid or missing asset requests return a 404 status page
 *
 */
require_once("includes/config.php");

// Get 'file' parameter from POST or GET
$id = trim ((!empty($_POST['id'])) ? $_POST['id'] : $_GET['id'] );

$asset = NULL;

// If ID was given in request parameters, look up asset in database
if (strlen($id) > 0) {
    require_once("admin/includes/dbfunctions.php");
    $asset = getAssetInfo($id);
    // If asset was found in database, but file does not exist, return error
    if ($asset !== NULL) {
        if (file_exists($assetRoot . $asset['Filename']) === FALSE) {
            $asset = NULL;
        }
    }
}

if ($asset !== NULL) {
    // If asset was found, load asset
    $filename = $assetRoot . $asset['Filename'];
    $mimetype = $asset['Media'];
    if (trim($mimetype) == "") {
        $mimetype = "application/octet-stream";
    }
    ob_clean();
    header("Content-type: " . $mimetype);
    flush();
    readfile($filename);

} else {
    // Return 404 error
    header("HTTP/1.x 404 Not Found");
    ?>
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL <?php echo $_SERVER["REQUEST_URI"]; ?> was not found on this server.</p>
<hr>
<?php echo $_SERVER["SERVER_SIGNATURE"]; ?>
</body></html>
<?
}
?>
